@ 2013-12-30T19:46:40Z <?php
class ContentSecurityPolicy {
const DEFAULT_SRC = 'default-src';
const SCRIPT_SRC = 'script-src';
const OBJECT_SRC = 'object-src';
const STYLE_SRC = 'style-src';
const IMG_SRC = 'img-src';
const MEDIA_SRC = 'media-src';
const FRAME_SRC = 'frame-src';
const FONT_SRC = 'font-src';
const CONNECT_SRC = 'connect-src';
const SOURCE_NONE = "'none'";
const SOURCE_SELF = "'self'";
const SOURCE_UNSAFE_INLINE = "'unsafe-inline'";
const SOURCE_UNSAFE_EVAL = "'unsafe-eval'";
private $policy;
public function __construct() {
$this->policy = array();
$this->setPolicySourceDirectives();
}
private function setPolicySourceDirectives(){
$refl = new ReflectionClass(__CLASS__);
$srcPattern = '/.+_SRC$/';
foreach ($refl->getConstants() as $constant => $value){
if (preg_match($srcPattern, $constant)){
$this->policy[constant(__CLASS__.'::'.$constant)] = array();
}
}
}
private function copy() {
$retval = new ContentSecurityPolicy();
foreach ($this->policy as $directive => $sources) {
foreach ($sources as $source) {
array_push($retval->policy[$directive], $source);
}
}
return $retval;
}
function addSource($directive, $source) {
if (!isset($this->policy[$directive])) {
throw new CSPException("Invalid directive");
}
$this->policy[$directive][] = $source;
return $this;
}
function toString() {
return $this->__toString();
}
public function __toString(){
$retval = array();
foreach ($this->policy as $directive => $sources) {
if (sizeof($sources) > 0) {
$retval[] = join(' ', array($directive, join(' ', $sources)));
}
}
return join('; ', $retval);
}
}
class CSPException extends \Exception {}
$CSP = new ContentSecurityPolicy();
$CSP->addSource(ContentSecurityPolicy::DEFAULT_SRC, ContentSecurityPolicy::SOURCE_SELF) ->addSource(ContentSecurityPolicy::SCRIPT_SRC, ContentSecurityPolicy::SOURCE_SELF)
->addSource(ContentSecurityPolicy::SCRIPT_SRC, 'http://code.jquery.com')
->addSource(ContentSecurityPolicy::STYLE_SRC, ContentSecurityPolicy::SOURCE_SELF)
->addSource(ContentSecurityPolicy::STYLE_SRC, 'https://bootstrapcdn.com')
->addSource(ContentSecurityPolicy::FONT_SRC, 'https://fonts.googleapis.com');
echo $CSP;
exit("\nDone!\n");
Enable javascript to submit You have javascript disabled. You will not be able to edit any code.
Output for 5.3.0 - 5.3.29 , 5.4.0 - 5.4.45 , 5.5.0 - 5.5.38 , 5.6.0 - 5.6.28 , 7.0.0 - 7.0.20 , 7.1.0 - 7.1.20 , 7.2.6 - 7.2.33 , 7.3.12 - 7.3.33 , 7.4.0 - 7.4.33 , 8.0.0 - 8.0.30 , 8.1.0 - 8.1.27 , 8.2.0 - 8.2.17 , 8.3.0 - 8.3.4 default-src 'self'; script-src 'self' http://code.jquery.com; style-src 'self' https://bootstrapcdn.com; font-src https://fonts.googleapis.com
Done!
Output for 5.0.0 - 5.0.5 , 5.1.0 - 5.1.6 , 5.2.0 - 5.2.17 Warning: Unexpected character in input: '\' (ASCII=92) state=1 in /in/hCEBd on line 69
default-src 'self'; script-src 'self' http://code.jquery.com; style-src 'self' https://bootstrapcdn.com; font-src https://fonts.googleapis.com
Done!
Output for 4.4.2 - 4.4.9 Parse error: syntax error, unexpected T_CONST, expecting T_OLD_FUNCTION or T_FUNCTION or T_VAR or '}' in /in/hCEBd on line 3
Process exited with code 255 . Output for 4.3.0 - 4.3.1 , 4.3.5 - 4.3.11 , 4.4.0 - 4.4.1 Parse error: parse error, unexpected T_CONST, expecting T_OLD_FUNCTION or T_FUNCTION or T_VAR or '}' in /in/hCEBd on line 3
Process exited with code 255 . Output for 4.3.2 - 4.3.4 Parse error: parse error, expecting `T_OLD_FUNCTION' or `T_FUNCTION' or `T_VAR' or `'}'' in /in/hCEBd on line 3
Process exited with code 255 . preferences:dark mode live preview
276.3 ms | 405 KiB | 354 Q